VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Nevyziadana reklama:make maney at home

https://forum.viry.cz:443/viewtopic.php?t=136672

Stránka 1 z 3

Nevyziadana reklama:make maney at home

Napsal: 06 bře 2014 20:15
od Vojto
Zdravim Vas.

Do notebook s Win 8 64 bit sa mi nejakym sposobom dostalo nieco, co sa prejavuje oknom s nazvom "Make maney at home" a nejde zatvorit. Skusal som to odstranit tak, ze som vytiahol napadnute HDD a cez box som ho preskenoval na inom cistom PC. Zial nepomohlo. Potom som vyuzil soft Malwarebytes v nudzovom rezime s aktualnou databazou a nic. Potom som v nudzovom rezime vyuzil SUPERAntiSpyware s aktualnou databazou a opat to nepomohlo.

Viete mi niekto poradit co s tym??? To okno sa skratka neda odstranit.
Dakujem.

Re: Nevyziadana reklama:make maney at home

Napsal: 06 bře 2014 20:56
od Rudy
Také zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: Nevyziadana reklama:make maney at home

Napsal: 06 bře 2014 22:30
od Vojto
Zdravim Vas.

Podla toho co citam, mam ziskat nejaky log a ten Vam mam poslat?? Alebo mam nieco vycitat z toho txt??

Re: Nevyziadana reklama:make maney at home

Napsal: 06 bře 2014 22:35
od Rudy
Zajisté. Log vložte sem.

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 18:26
od Vojto
Zdravim Vas.Zasielamziadany logk analyze môjho problemu. Vopred Vam dakujem za odpoved a pomoc.

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 18:55
od Rudy
A kde je? :?:

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 19:07
od Vojto
To nechapem, vlozil som ten subor sem. Tak este raz alebo Vam to poslem na mail
rudy@forum.viry.cz

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014 02
Ran by ASUS (administrator) on K55VJ on 10-03-2014 18:26:48
Running from C:\Users\ASUS\Desktop
Windows 8.1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Microsoft) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\System Process.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(Microsoft Corporation) C:\WINDOWS\FileManager\PhotosApp.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\ASUS\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-08-25] (Macrovision Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3741878392-2057564541-1545777600-1002\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKU\S-1-5-21-3741878392-2057564541-1545777600-1002\...\Run: [KSS] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClassicStartMenu.exe - odkaz.lnk
ShortcutTarget: ClassicStartMenu.exe - odkaz.lnk -> C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {41D6D2F0-3B40-41D4-B2A0-DCF78F6A0C43} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {5159BC0F-C499-4445-8380-188274334759} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {8087A869-00ED-4B59-AB15-04F8FC710255} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {8D08CE39-A78F-4853-A492-9A9AFFE32F8D} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {91E9BB89-099C-4D94-AEDA-585107F1BB6D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {A02D4366-A744-440F-A6C6-E82D744494C3} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {AA7756F6-D3AB-4A48-B44A-E9B18A80891C} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {FA92EE24-B3FE-44B9-B4A2-1AD01D742F8E} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Plus-HD-4.9 - {11111111-1111-1111-1111-110411591118} - C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-bho64.dll No File
BHO: Torntv V6.0 - {11111111-1111-1111-1111-110411591160} - C:\Program Files (x86)\Torntv V6.0\Torntv V6.0-bho64.dll No File
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\tbo8vbjf.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\tbo8vbjf.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: BuenoSearch - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\tbo8vbjf.default\Extensions\ffxtlbr@buenosearch.com [2014-03-04]
FF Extension: Seznam lištička - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\tbo8vbjf.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-12-30]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-03-05]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-03-05]

Chrome:
=======
CHR HomePage: hxxp://google.sk/
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR HKLM-x32\...\Chrome\Extension: [ccepmndfapjjganokofnopcdpahpafma] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta989\ch\VideoPlayerV3beta989.crx []

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S4 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S3 RoxLiveShare9; "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S4 aswSP; No ImagePath
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-24] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-24] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-10 18:26 - 2014-03-10 18:27 - 00018806 _____ () C:\Users\ASUS\Desktop\FRST.txt
2014-03-10 18:25 - 2014-03-10 18:26 - 00000000 ____D () C:\FRST
2014-03-10 18:24 - 2014-03-10 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\ASUS\Desktop\FRSTLauncher.exe
2014-03-10 18:22 - 2014-03-10 18:22 - 02157056 _____ (Farbar) C:\Users\ASUS\Desktop\FRST64.exe
2014-03-07 23:30 - 2014-03-07 23:30 - 00001282 _____ () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan.lnk
2014-03-07 23:30 - 2014-03-07 23:30 - 00001055 _____ () C:\Users\ASUS\Desktop\Kaspersky Security Scan.lnk
2014-03-07 23:30 - 2014-03-07 23:30 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-07 23:30 - 2014-03-07 23:30 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-03-07 23:28 - 2014-03-07 23:28 - 00180000 _____ (Kaspersky Lab) C:\Users\ASUS\Desktop\kss12.0.1.117EN_RU_DE_FR_2926.exe
2014-03-06 22:08 - 2014-03-06 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-06 22:08 - 2014-03-06 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-06 11:09 - 2014-03-06 11:09 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\LavasoftStatistics
2014-03-06 10:35 - 2014-03-06 12:23 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-03-06 10:22 - 2014-03-06 10:22 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-06 01:56 - 2014-03-06 21:20 - 00002361 _____ () C:\WINDOWS\setupact.log
2014-03-06 01:56 - 2014-03-06 01:56 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-06 01:20 - 2014-03-06 01:20 - 00000000 ____D () C:\SUPERDelete
2014-03-06 00:26 - 2014-03-10 18:26 - 00448806 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-06 00:19 - 2014-03-08 22:01 - 00021196 _____ () C:\WINDOWS\PFRO.log
2014-03-05 19:29 - 2014-03-05 19:29 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\ESET
2014-03-05 19:29 - 2014-03-05 19:29 - 00000000 ____D () C:\Users\ASUS\AppData\Local\ESET
2014-03-05 19:28 - 2014-03-05 19:28 - 00000000 ____D () C:\ProgramData\ESET
2014-03-05 19:28 - 2014-03-05 19:28 - 00000000 ____D () C:\Program Files\ESET
2014-03-05 00:27 - 2014-03-05 00:27 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2014-03-05 00:19 - 2014-03-05 19:20 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-05 00:18 - 2014-03-05 00:19 - 10820032 _____ (SurfRight B.V.) C:\Users\ASUS\Downloads\HitmanPro_x64.exe
2014-03-05 00:01 - 2014-03-05 00:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ASUS\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 23:50 - 2014-03-04 23:50 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-04 23:49 - 2014-03-04 23:49 - 01037734 _____ (Thisisu) C:\Users\ASUS\Downloads\JRT.exe
2014-03-04 23:40 - 2014-03-04 23:40 - 00001947 _____ () C:\Users\ASUS\Desktop\Sync Folder.lnk
2014-03-04 23:37 - 2014-03-04 23:41 - 00000000 ____D () C:\AdwCleaner
2014-03-04 23:36 - 2014-03-04 23:36 - 01244192 _____ () C:\Users\ASUS\Downloads\adwcleaner.exe
2014-03-04 23:36 - 2014-03-04 23:36 - 01244192 _____ () C:\Users\ASUS\Downloads\adwcleaner (1).exe
2014-03-04 23:17 - 2014-03-05 21:25 - 00003110 _____ () C:\WINDOWS\System32\Tasks\YourFile DownloaderUpdate
2014-03-04 21:22 - 2014-03-04 21:22 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-04 21:17 - 2014-03-04 21:17 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Avg2014
2014-03-04 19:22 - 2014-03-04 19:22 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Malwarebytes
2014-03-04 19:00 - 2014-03-04 19:00 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\SUPERAntiSpyware.com
2014-03-04 18:58 - 2014-03-06 22:36 - 00000000 ____D () C:\Program Files (x86)\SUPERAntiSpyware
2014-03-04 18:52 - 2014-03-05 00:28 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-04 18:51 - 2014-03-04 18:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-04 18:27 - 2014-03-04 18:27 - 00000000 ____D () C:\WINDOWS\pss
2014-03-04 18:04 - 2014-03-04 18:04 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-03-03 18:28 - 2014-03-03 18:28 - 00003220 _____ () C:\WINDOWS\System32\Tasks\Driver Booster Scan
2014-03-02 02:43 - 2014-03-02 02:43 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-03-02 02:42 - 2014-03-02 02:42 - 00833752 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-03-02 02:42 - 2014-03-02 02:42 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-03-02 02:40 - 2013-11-19 16:52 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2014-03-02 02:38 - 2014-01-08 15:54 - 00121856 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2014-03-02 02:36 - 2014-03-04 17:28 - 00165659 _____ () C:\MyXML.xml
2014-03-02 02:32 - 2014-03-02 02:48 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-02 02:32 - 2014-03-02 02:32 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Apple Computer
2014-03-02 02:32 - 2014-03-02 02:32 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-03-02 02:30 - 2014-03-02 02:30 - 02377024 _____ (IObit) C:\Users\ASUS\Downloads\advanced-systemcare-installer.exe
2014-03-02 02:08 - 2014-03-02 02:48 - 00000000 ____D () C:\ProgramData\IObit
2014-03-02 02:07 - 2014-03-03 18:39 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-02 02:07 - 2014-03-02 02:38 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\IObit
2014-03-02 02:06 - 2014-03-02 02:07 - 19362952 _____ (IObit ) C:\Users\ASUS\Downloads\imfv2-setup-for-review.exe
2014-03-02 01:53 - 2014-03-02 02:35 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-02 00:23 - 2014-03-02 00:52 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-02 00:20 - 2014-03-02 00:23 - 90578216 _____ (AVAST Software) C:\Users\ASUS\Downloads\avast_free_antivirus_setup.exe
2014-03-02 00:11 - 2014-03-02 00:11 - 00034967 _____ () C:\Users\ASUS\Downloads\sitemap-cz.xml.gz
2014-03-01 23:56 - 2014-03-01 23:56 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\ASUS\Downloads\SpyHunter-Installer.exe
2014-02-25 18:40 - 2014-02-25 18:40 - 04436944 _____ (AVG Technologies) C:\Users\ASUS\Downloads\avg_free_stb_all_2014_4259_free.exe
2014-02-24 19:46 - 2014-02-24 19:46 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-23 23:20 - 2014-02-23 23:20 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Finančné_riaditeľstvo_SR_-_Sekcia_daňová
2014-02-23 23:19 - 2014-02-24 20:31 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Deployment
2014-02-23 21:50 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-23 21:50 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-23 21:50 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-23 21:50 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-23 21:50 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-23 21:50 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-23 21:50 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-23 21:50 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-23 21:50 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-23 21:50 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-23 21:50 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-23 21:50 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-23 21:50 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-23 21:50 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-23 21:50 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-23 21:50 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-23 21:50 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-23 21:50 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-23 21:50 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-23 21:50 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-23 21:50 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-23 21:50 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-23 21:50 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-23 21:50 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-23 21:50 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-23 21:50 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-23 21:50 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-23 21:50 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-23 21:50 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-23 21:50 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-23 21:50 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-23 21:50 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-23 21:50 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-23 21:50 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-23 21:50 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-23 21:50 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-23 21:50 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-23 21:50 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-23 21:50 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-23 21:50 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-23 21:50 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-23 21:50 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-23 21:50 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-23 21:50 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-23 21:50 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-23 21:50 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-23 21:50 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-23 21:50 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-23 21:50 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-23 21:50 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-23 21:50 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-23 21:50 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-23 21:50 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-23 21:50 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-23 21:50 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-14 22:22 - 2014-02-14 22:22 - 00000224 _____ () C:\WINDOWS\SysWOW64\idp2.cfg
2014-02-12 20:37 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-12 20:36 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 20:36 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 20:36 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 20:36 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 20:36 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 20:36 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 20:36 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 20:36 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 20:36 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 20:36 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-12 20:36 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 20:36 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 20:36 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-12 20:36 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-12 20:36 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-12 20:36 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-12 20:36 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-12 20:36 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-12 20:36 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-12 20:36 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-12 20:36 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-12 20:36 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-12 20:36 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 20:36 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-12 20:36 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 19:08 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 19:08 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 19:08 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-12 19:08 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 19:08 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 19:08 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-12 19:08 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 19:08 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 19:08 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-12 19:08 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-12 19:08 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-12 19:08 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 19:08 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 19:08 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 19:08 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 19:08 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 19:08 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 19:08 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-12 19:08 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 19:08 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 19:08 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 19:08 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 19:08 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-12 19:08 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-12 19:08 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-12 19:08 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 19:08 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 19:08 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 19:08 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 19:08 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 19:08 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-12 19:08 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 19:08 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 19:08 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 19:08 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-12 19:08 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 19:08 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-12 19:08 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 19:08 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 19:08 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 19:08 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 19:08 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 19:08 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-12 19:05 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 19:05 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

==================== One Month Modified Files and Folders =======

2014-03-10 18:27 - 2014-03-10 18:26 - 00018806 _____ () C:\Users\ASUS\Desktop\FRST.txt
2014-03-10 18:26 - 2014-03-10 18:25 - 00000000 ____D () C:\FRST
2014-03-10 18:26 - 2014-03-06 00:26 - 00448806 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-10 18:24 - 2014-03-10 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\ASUS\Desktop\FRSTLauncher.exe
2014-03-10 18:22 - 2014-03-10 18:22 - 02157056 _____ (Farbar) C:\Users\ASUS\Desktop\FRST64.exe
2014-03-10 18:18 - 2013-12-25 21:58 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{18757BE1-CADB-4FF7-B9FA-F5B0D6BBC343}
2014-03-10 18:18 - 2013-12-20 23:45 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-10 18:15 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-10 08:42 - 2013-12-19 19:19 - 00000000 ____D () C:\Users\ASUS\Desktop\OSOBKA
2014-03-10 08:39 - 2013-12-20 23:16 - 00115204 _____ () C:\WINDOWS\system32\perfh01B.dat
2014-03-10 08:39 - 2013-12-20 23:16 - 00023308 _____ () C:\WINDOWS\system32\perfc01B.dat
2014-03-10 08:39 - 2013-11-14 08:28 - 00985714 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-09 23:29 - 2013-12-19 11:12 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\ClassicShell
2014-03-09 23:28 - 2013-12-19 20:36 - 00000000 ____D () C:\Users\ASUS\Desktop\instal
2014-03-09 20:41 - 2013-12-19 19:50 - 00000000 ____D () C:\Users\ASUS\Desktop\ROZNE
2014-03-09 20:17 - 2013-12-24 01:17 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3741878392-2057564541-1545777600-1002
2014-03-09 10:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-08 22:04 - 2013-12-19 15:08 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-08 22:03 - 2013-12-16 08:23 - 00000408 _____ () C:\Users\ASUS\AppData\Roaming\sp_data.sys
2014-03-08 22:02 - 2013-12-24 00:54 - 00000000 ____D () C:\Users\ASUS
2014-03-08 22:01 - 2014-03-06 00:19 - 00021196 _____ () C:\WINDOWS\PFRO.log
2014-03-08 22:01 - 2013-12-13 15:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-08 22:01 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-07 23:34 - 2013-12-19 20:30 - 00002729 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-07 23:34 - 2013-12-19 20:30 - 00000000 ____D () C:\ProgramData\Skype
2014-03-07 23:30 - 2014-03-07 23:30 - 00001282 _____ () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan.lnk
2014-03-07 23:30 - 2014-03-07 23:30 - 00001055 _____ () C:\Users\ASUS\Desktop\Kaspersky Security Scan.lnk
2014-03-07 23:30 - 2014-03-07 23:30 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-07 23:30 - 2014-03-07 23:30 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-03-07 23:28 - 2014-03-07 23:28 - 00180000 _____ (Kaspersky Lab) C:\Users\ASUS\Desktop\kss12.0.1.117EN_RU_DE_FR_2926.exe
2014-03-06 22:36 - 2014-03-04 18:58 - 00000000 ____D () C:\Program Files (x86)\SUPERAntiSpyware
2014-03-06 22:08 - 2014-03-06 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-06 22:08 - 2014-03-06 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-06 21:20 - 2014-03-06 01:56 - 00002361 _____ () C:\WINDOWS\setupact.log
2014-03-06 12:23 - 2014-03-06 10:35 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-03-06 11:09 - 2014-03-06 11:09 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\LavasoftStatistics
2014-03-06 10:22 - 2014-03-06 10:22 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-06 01:56 - 2014-03-06 01:56 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-06 01:21 - 2013-12-16 08:23 - 00000000 ___RD () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-06 01:20 - 2014-03-06 01:20 - 00000000 ____D () C:\SUPERDelete
2014-03-06 00:23 - 2013-12-19 15:06 - 00000944 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-06 00:23 - 2013-12-19 15:06 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-05 21:25 - 2014-03-04 23:17 - 00003110 _____ () C:\WINDOWS\System32\Tasks\YourFile DownloaderUpdate
2014-03-05 21:25 - 2013-12-19 15:06 - 00003918 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-05 21:25 - 2013-12-19 15:06 - 00003682 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-05 19:29 - 2014-03-05 19:29 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\ESET
2014-03-05 19:29 - 2014-03-05 19:29 - 00000000 ____D () C:\Users\ASUS\AppData\Local\ESET
2014-03-05 19:28 - 2014-03-05 19:28 - 00000000 ____D () C:\ProgramData\ESET
2014-03-05 19:28 - 2014-03-05 19:28 - 00000000 ____D () C:\Program Files\ESET
2014-03-05 19:20 - 2014-03-05 00:19 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-05 00:28 - 2014-03-04 18:52 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-05 00:27 - 2014-03-05 00:27 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2014-03-05 00:19 - 2014-03-05 00:18 - 10820032 _____ (SurfRight B.V.) C:\Users\ASUS\Downloads\HitmanPro_x64.exe
2014-03-05 00:01 - 2014-03-05 00:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ASUS\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 23:50 - 2014-03-04 23:50 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-04 23:50 - 2014-02-01 19:45 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-03-04 23:49 - 2014-03-04 23:49 - 01037734 _____ (Thisisu) C:\Users\ASUS\Downloads\JRT.exe
2014-03-04 23:41 - 2014-03-04 23:37 - 00000000 ____D () C:\AdwCleaner
2014-03-04 23:40 - 2014-03-04 23:40 - 00001947 _____ () C:\Users\ASUS\Desktop\Sync Folder.lnk
2014-03-04 23:36 - 2014-03-04 23:36 - 01244192 _____ () C:\Users\ASUS\Downloads\adwcleaner.exe
2014-03-04 23:36 - 2014-03-04 23:36 - 01244192 _____ () C:\Users\ASUS\Downloads\adwcleaner (1).exe
2014-03-04 21:22 - 2014-03-04 21:22 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-04 21:17 - 2014-03-04 21:17 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Avg2014
2014-03-04 21:17 - 2013-12-19 19:04 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-04 21:12 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-04 20:37 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-04 20:27 - 2014-02-01 22:08 - 00000000 ___HD () C:\ProgramData\{$8694-7969-4031-3078-5377$}
2014-03-04 19:22 - 2014-03-04 19:22 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Malwarebytes
2014-03-04 19:00 - 2014-03-04 19:00 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\SUPERAntiSpyware.com
2014-03-04 18:51 - 2014-03-04 18:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-04 18:27 - 2014-03-04 18:27 - 00000000 ____D () C:\WINDOWS\pss
2014-03-04 18:04 - 2014-03-04 18:04 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-03-04 17:28 - 2014-03-02 02:36 - 00165659 _____ () C:\MyXML.xml
2014-03-03 18:40 - 2014-01-30 21:06 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2014-03-03 18:39 - 2014-03-02 02:07 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-03 18:28 - 2014-03-03 18:28 - 00003220 _____ () C:\WINDOWS\System32\Tasks\Driver Booster Scan
2014-03-02 02:48 - 2014-03-02 02:32 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-02 02:48 - 2014-03-02 02:08 - 00000000 ____D () C:\ProgramData\IObit
2014-03-02 02:43 - 2014-03-02 02:43 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-03-02 02:42 - 2014-03-02 02:42 - 00833752 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-03-02 02:42 - 2014-03-02 02:42 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-03-02 02:38 - 2014-03-02 02:07 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\IObit
2014-03-02 02:35 - 2014-03-02 01:53 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-02 02:35 - 2013-12-24 00:46 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-02 02:32 - 2014-03-02 02:32 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Apple Computer
2014-03-02 02:32 - 2014-03-02 02:32 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-03-02 02:30 - 2014-03-02 02:30 - 02377024 _____ (IObit) C:\Users\ASUS\Downloads\advanced-systemcare-installer.exe
2014-03-02 02:18 - 2013-12-20 23:45 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-02 02:07 - 2014-03-02 02:06 - 19362952 _____ (IObit ) C:\Users\ASUS\Downloads\imfv2-setup-for-review.exe
2014-03-02 01:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-03-02 00:52 - 2014-03-02 00:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-02 00:24 - 2013-12-16 08:21 - 00000000 ____D () C:\Users\ASUS\AppData\Local\VirtualStore
2014-03-02 00:23 - 2014-03-02 00:20 - 90578216 _____ (AVAST Software) C:\Users\ASUS\Downloads\avast_free_antivirus_setup.exe
2014-03-02 00:11 - 2014-03-02 00:11 - 00034967 _____ () C:\Users\ASUS\Downloads\sitemap-cz.xml.gz
2014-03-01 23:56 - 2014-03-01 23:56 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\ASUS\Downloads\SpyHunter-Installer.exe
2014-02-25 18:40 - 2014-02-25 18:40 - 04436944 _____ (AVG Technologies) C:\Users\ASUS\Downloads\avg_free_stb_all_2014_4259_free.exe
2014-02-24 20:40 - 2013-12-19 19:51 - 00000000 ____D () C:\Users\ASUS\Desktop\SITA
2014-02-24 20:36 - 2013-12-30 19:34 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Seznam.cz
2014-02-24 20:33 - 2013-12-19 20:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-24 20:31 - 2014-02-23 23:19 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Deployment
2014-02-24 20:31 - 2013-12-19 20:30 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Skype
2014-02-24 20:29 - 2013-12-16 08:23 - 00000000 ___RD () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-24 20:17 - 2013-08-22 15:44 - 00479416 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-24 20:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-24 20:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sk-SK
2014-02-24 20:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-02-24 20:14 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-24 20:14 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-24 20:13 - 2013-12-19 11:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-24 19:46 - 2014-02-24 19:46 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-23 23:20 - 2014-02-23 23:20 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Finančné_riaditeľstvo_SR_-_Sekcia_daňová
2014-02-23 23:19 - 2013-12-19 19:19 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Apps\2.0
2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 00:14 - 2013-12-19 19:55 - 00000000 ____D () C:\Users\ASUS\Desktop\FILMY
2014-02-15 21:29 - 2013-12-19 19:42 - 00000000 ____D () C:\Users\ASUS\Desktop\RODINNE FOTO
2014-02-14 22:35 - 2013-12-22 02:47 - 00000000 ___HD () C:\Users\ASUS\Desktop\.picasaoriginals
2014-02-14 22:25 - 2014-02-01 23:57 - 00000000 ____D () C:\Program Files (x86)\Skype Hacker v2.4.6
2014-02-14 22:25 - 2013-12-20 20:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 22:22 - 2014-02-14 22:22 - 00000224 _____ () C:\WINDOWS\SysWOW64\idp2.cfg
2014-02-14 22:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-14 22:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-14 22:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-14 22:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera

Files to move or delete:
====================
C:\Users\ASUS\AppData\Roaming\system.ini
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\ASUS\AppData\Local\Temp\956a2526-bdf0-4157-bc7c-2f59e8475ba4.exe
C:\Users\ASUS\AppData\Local\Temp\BackupSetup.exe
C:\Users\ASUS\AppData\Local\Temp\htmlayout.dll
C:\Users\ASUS\AppData\Local\Temp\InstHelper.exe
C:\Users\ASUS\AppData\Local\Temp\toolbar2802406.exe
C:\Users\ASUS\AppData\Local\Temp\uninstall3244937.exe
C:\Users\ASUS\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-06 20:06




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:372.26 GB) (Free:216.48 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.6 GB) (Free:515.23 GB) NTFS

Available physical RAM: 6178.02 MB
Total physical RAM: 8077.48 MB
Percentage of memory in use: 23%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 932 GB) (Disk ID: 5DBB9683)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ASUS\Desktop" je 116829 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 19:33
od Rudy
Bohatě stačí, když to dáte sem. Nechci mít zaspamovanou schránku. :)

Otevřte poznámkový blok a zkopírujte do něj:
Start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Plus-HD-4.9 - {11111111-1111-1111-1111-110411591118} - C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-bho64.dll No File
BHO: Torntv V6.0 - {11111111-1111-1111-1111-110411591160} - C:\Program Files (x86)\Torntv V6.0\Torntv V6.0-bho64.dll No File
S4 aswSP; No ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\ASUS\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 20:16
od Vojto
Zdravim Vas.

Kopirujem obsah Fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-03-2014 02
Ran by ASUS at 2014-03-10 20:18:51 Run:1
Running from C:\Users\ASUS\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

*****************


==== End of Fixlog ====

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 20:53
od Rudy
Máte fixlist uložen jako fixlist.txt na ploše? FRST nemazal. Musí tam být nějaká chyba.

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 21:07
od Vojto
Zdravim, kopirujem log. Ale reklama sa stale zobrazuje :))

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-03-2014 02
Ran by ASUS at 2014-03-10 21:03:55 Run:3
Running from C:\Users\ASUS\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Plus-HD-4.9 - {11111111-1111-1111-1111-110411591118} - C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-bho64.dll No File
BHO: Torntv V6.0 - {11111111-1111-1111-1111-110411591160} - C:\Program Files (x86)\Torntv V6.0\Torntv V6.0-bho64.dll No File
S4 aswSP; No ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\ASUS\AppData\Local\Temp
End
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591118} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110411591118} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591160} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110411591160} => Key deleted successfully.
aswSP => Service deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
C:\Users\ASUS\AppData\Local\Temp => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 21:11
od Rudy
Smazáno. Spusťte ještě Junkware Removal Tool:
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 21:24
od Vojto
Zdravim Vas.

Vykonane a posielam log. Nieco pomazal, restartujem prave stroj a uvidime.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8.1 x64
Ran by ASUS on po 10.03.2014 at 21:23:57,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 10.03.2014 at 21:27:52,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 21:26
od Vojto
Po spusteni JRT a restarte opat rekmala make maney at home :)))))))

Re: Nevyziadana reklama:make maney at home

Napsal: 10 bře 2014 21:34
od Vojto
Co keby som spustil/nabootoval Linux a Kaspersky z DVD plus aktualizoval databazku a spustil scan???
Ma to zmysel??
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz